Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
File:                     yIYjh23RrY5iSiPdUossZMgKhSE.mft (raw, json)
Hash identifier:          BNqj78roq9l2RVLYfkU4pLz2waxkH26VY+s8nP98t8I=
Subject key identifier:   2B:95:E1:C4:01:C7:E0:4A:A9:CE:30:4A:20:41:8E:1E:A3:97:47:0F
Authority key identifier: C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21
Certificate issuer:       /CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
Certificate serial:       019765F24DA52A52938F969694BBAD02DD8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
Manifest number:          04AC
Signing time:             Thu 12 Jun 2025 21:01:07 +0000
Manifest this update:     Thu 12 Jun 2025 21:01:07 +0000
Manifest next update:     Fri 13 Jun 2025 21:01:07 +0000
Files and hashes:         1: 6bGSQZyXICWLbBfHBORwDUVmEgs.roa (hash: 1jQZKU6KRpYxffMVHliAkA59/J/hUE4iGAwCvJDdSlw=)
                          2: yIYjh23RrY5iSiPdUossZMgKhSE.crl (hash: 45qmxk8IaAhXWdRsxBPIW4utq7jhoRSG2bLRkadfRiE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 15:17:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:f2:4d:a5:2a:52:93:8f:96:96:94:bb:ad:02:dd:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c88623876dd1ad8e624a23dd528b2c64c80a8521
        Validity
            Not Before: Jun 12 21:01:07 2025 GMT
            Not After : Jun 13 21:01:07 2025 GMT
        Subject: CN=2b95e1c401c7e04aa9ce304a20418e1ea397470f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:61:d9:7c:c3:a1:5e:3c:8c:82:67:6c:44:ea:
                    e9:ad:e7:3f:68:67:65:95:c9:a3:fe:fd:6d:65:93:
                    9c:b5:b1:5d:b3:be:49:2d:b5:37:72:04:4a:56:7a:
                    35:0c:3b:8d:56:a2:8e:b7:41:65:80:06:50:90:07:
                    1e:3c:aa:74:1c:49:f2:1e:c0:ab:01:e7:1d:8f:99:
                    54:fa:45:58:aa:d3:42:bd:3b:37:45:5f:fe:8e:3e:
                    dc:e8:63:d0:03:d2:b7:17:e0:00:a9:aa:0d:49:64:
                    62:f1:4f:70:86:24:75:59:ab:ea:ef:00:f1:e6:dc:
                    69:82:ce:a6:3c:0f:66:6b:61:6c:12:8b:a8:1e:73:
                    cb:6c:bb:06:ca:8c:39:45:53:81:35:37:21:f2:f0:
                    d7:ed:51:12:27:ab:ab:51:6b:c7:8d:dc:a1:7c:e9:
                    6b:04:b7:27:83:6a:57:32:46:7a:44:2a:af:c0:a5:
                    1e:59:f2:0d:be:6b:c9:85:8b:a5:58:26:c8:cf:1a:
                    9e:79:aa:db:d9:3d:14:f4:ec:83:cc:3b:29:65:bf:
                    08:f6:df:e3:0b:01:44:3c:59:13:3a:8c:db:01:b6:
                    5c:eb:e0:b1:79:db:79:4e:04:c4:2a:a7:28:9d:b1:
                    83:74:2b:2b:c4:fa:04:5c:45:a7:ba:b0:a7:2c:e4:
                    ba:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:95:E1:C4:01:C7:E0:4A:A9:CE:30:4A:20:41:8E:1E:A3:97:47:0F
            X509v3 Authority Key Identifier:
                keyid:C8:86:23:87:6D:D1:AD:8E:62:4A:23:DD:52:8B:2C:64:C8:0A:85:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIYjh23RrY5iSiPdUossZMgKhSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1825d1-7c01-4915-a444-2eb51261ddba/1/yIYjh23RrY5iSiPdUossZMgKhSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:5d:f1:f5:dc:65:b3:08:81:d7:ff:c8:58:61:92:8d:37:15:
         c2:8f:34:68:80:04:ab:c8:e0:6a:30:16:ce:80:f1:e4:00:cd:
         ae:0d:98:19:d8:e3:95:95:3f:d5:7d:06:17:d2:12:6e:a2:19:
         7a:59:cf:35:e3:58:07:51:65:66:06:5a:d1:d5:8f:fe:67:cd:
         cd:4c:5c:d3:77:23:41:6d:06:89:f4:61:27:23:49:56:cb:8e:
         ae:15:14:2e:f6:c3:ad:90:e3:99:f3:27:a7:ce:d0:3c:78:3f:
         43:d0:c1:86:34:79:fe:00:9f:33:16:19:d6:d2:49:52:62:1a:
         91:8e:7e:ed:66:42:5e:db:5a:13:ad:ce:f4:ee:f0:12:4d:76:
         bf:0a:34:6d:e9:e2:7e:d2:ce:75:34:ea:4b:90:13:af:74:9a:
         dd:04:bf:02:33:4b:76:7f:09:9f:2d:0c:9f:fc:9b:b1:30:db:
         56:0d:f5:73:bb:3c:38:f0:c4:d0:67:61:0b:b3:63:70:f9:c0:
         6a:de:0e:2c:47:df:25:05:5c:e6:b2:18:69:00:61:1d:89:24:
         c8:c4:73:01:25:73:00:22:f5:bd:8c:84:01:1e:88:45:8f:58:
         f4:72:2c:a0:30:ef:aa:d4:99:11:44:c5:81:e5:12:c6:bf:4d:
         16:3c:a9:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdl8k2lKlKTj5aWlLutAt2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ODYyMzg3NmRkMWFkOGU2MjRhMjNkZDUyOGIyYzY0Yzgw
YTg1MjEwHhcNMjUwNjEyMjEwMTA3WhcNMjUwNjEzMjEwMTA3WjAzMTEwLwYDVQQD
EygyYjk1ZTFjNDAxYzdlMDRhYTljZTMwNGEyMDQxOGUxZWEzOTc0NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGHZfMOhXjyMgmdsROrprec/aGdl
lcmj/v1tZZOctbFds75JLbU3cgRKVno1DDuNVqKOt0FlgAZQkAcePKp0HEnyHsCr
Aecdj5lU+kVYqtNCvTs3RV/+jj7c6GPQA9K3F+AAqaoNSWRi8U9whiR1Wavq7wDx
5txpgs6mPA9ma2FsEouoHnPLbLsGyow5RVOBNTch8vDX7VESJ6urUWvHjdyhfOlr
BLcng2pXMkZ6RCqvwKUeWfINvmvJhYulWCbIzxqeearb2T0U9OyDzDspZb8I9t/j
CwFEPFkTOozbAbZc6+Cxedt5TgTEKqconbGDdCsrxPoEXEWnurCnLOS6swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuV4cQBx+BKqc4wSiBBjh6jl0cPMB8GA1UdIwQY
MBaAFMiGI4dt0a2OYkoj3VKLLGTICoUhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQt
MmViNTEyNjFkZGJhLzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xODI1ZDEtN2MwMS00OTE1LWE0NDQtMmViNTEyNjFkZGJh
LzEveUlZamgyM1JyWTVpU2lQZFVvc3NaTWdLaFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFl3x9dxl
swiB1//IWGGSjTcVwo80aIAEq8jgajAWzoDx5ADNrg2YGdjjlZU/1X0GF9ISbqIZ
elnPNeNYB1FlZgZa0dWP/mfNzUxc03cjQW0GifRhJyNJVsuOrhUULvbDrZDjmfMn
p87QPHg/Q9DBhjR5/gCfMxYZ1tJJUmIakY5+7WZCXttaE63O9O7wEk12vwo0beni
ftLOdTTqS5ATr3Sa3QS/AjNLdn8Jny0Mn/ybsTDbVg31c7s8OPDE0GdhC7NjcPnA
at4OLEffJQVc5rIYaQBhHYkkyMRzASVzACL1vYyEAR6IRY9Y9HIsoDDvqtSZEUTF
geUSxr9NFjypsQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:03:44 2025 by rpki-client